ZAP Scanning Report

Site: http://localhost:3000

Generated on niedz., 12 lis 2023 18:41:54

ZAP Version: 2.14.0

Summary of Alerts

Poziom ryzyka Number of Alerts
Wysoki
1
Średni
2
Niski
0
Informacyjny
4

Zagrozenia

Nazwa Poziom ryzyka Number of Instances
Cloud Metadata Potentially Exposed Wysoki 1
Absence of Anti-CSRF Tokens Średni 1338
CSP: Wildcard Directive Średni 1382
Authentication Request Identified Informacyjny 2
Information Disclosure - Sensitive Information in URL Informacyjny 39
User Agent Fuzzer Informacyjny 12
User Controllable HTML Element Attribute (Potential XSS) Informacyjny 4134

Alert Detail

Wysoki
Cloud Metadata Potentially Exposed
Opis
The Cloud Metadata Attack attempts to abuse a misconfigured NGINX server in order to access the instance metadata maintained by cloud service providers such as AWS, GCP and Azure.

All of these providers provide metadata via an internal unroutable IP address '169.254.169.254' - this can be exposed by incorrectly configured NGINX servers and accessed by using this IP address in the Host header field.
URL http://localhost:3000/latest/meta-data/
Metody GET
Parameter
Atak 169.254.169.254
Evidence
Other Info Based on the successful response status code cloud metadata may have been returned in the response. Check the response data to see if any cloud metadata has been returned. The meta data returned can include information that would allow an attacker to completely compromise the system.
Instances 1
Solution
Do not trust any user data in NGINX configs. In this case it is probably the use of the $host variable which is set from the 'Host' header and can be controlled by an attacker.
Reference https://www.nginx.com/blog/trust-no-one-perils-of-trusting-user-input/
CWE Id
WASC Id
Plugin Id 90034
Średni
Absence of Anti-CSRF Tokens
Opis
No Anti-CSRF tokens were found in a HTML submission form.

Cross-site request forgery jest atakiem, który obejmuje zmuszanie ofiary do wysłania żądania HTTP do miejsca celowego bez ich wiedzy lub intencji w celu przeprowadzenia akcji jako ofiara. Podstawową przyczyną jest powtarzalność działania aplikacji z przewidywalnymi adresami URL / formularzami. Charakterem ataku jest to, że CSRF wykorzystuje zaufanie, jakie witryna darzy użytkownika. Natomiast skrypty cross-site scripting (XSS) wykorzystują zaufanie, jakim użytkownik darzy stronę internetową. Podobnie jak w przypadku XSS, ataki CSRF niekoniecznie muszą być przekierowane na drugą stronę, ale mogą być. Cross-site request forgery jest również znane jako CSRF, XSRF, atak za jednym kliknięciem, jazda na sesjach, zdezorientowany delegat i surfowanie po morzu.

Ataki CSRF są skuteczne w wielu sytuacjach, w tym:

* Ofiara ma aktywną sesję w witrynie docelowej.

* Ofiara jest uwierzytelniona za pośrednictwem protokołu HTTP w witrynie docelowej.

* Ofiara jest w tej samej sieci lokalnej co strona docelowa.

CSRF został użyty przede wszystkim do wykonania akcji przeciwko witrynie docelowej z wykorzystaniem przywilejów ofiary, ale odkryto najnowsze techniki udostępniania informacji poprzez uzyskanie dostępu do odpowiedzi. Ryzyko udostępnienia informacji dramatycznie wzrasta kiedy strona celu jest podatna na XSS, ponieważ XSS może być użyty jako platforma dla CSRF, włączając w to atak obsługiwany w granicach polityki tego samego pochodzenia.
URL http://localhost:3000/UI/acsrf/action/addOptionToken/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/acsrf/other/genForm/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "actionUrl" "apikey" "button" "hrefId" ].
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "actionUrl" "apikey" "button" "hrefId" ].
URL http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/acsrf/view/optionTokensNames/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "regex" ].
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "regex" ].
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attributeName" "attributeValue" "button" "contextName" "description" "element" "enabled" "text" "xpath" ].
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attributeName" "attributeValue" "button" "contextName" "description" "element" "enabled" "text" "xpath" ].
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attributeName" "attributeValue" "button" "contextName" "description" "descriptionNew" "element" "enabled" "text" "xpath" ].
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attributeName" "attributeValue" "button" "contextName" "description" "descriptionNew" "element" "enabled" "text" "xpath" ].
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "description" ].
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "description" ].
URL http://localhost:3000/UI/ajaxSpider/action/scan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "inScope" "subtreeOnly" "url" ].
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "inScope" "subtreeOnly" "url" ].
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "subtreeOnly" "url" "userName" ].
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "subtreeOnly" "url" "userName" ].
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "regex" ].
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "regex" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ajaxSpider/action/stop/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/allowedResources/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/ajaxSpider/view/fullResults/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/numberOfResults/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionEventWait/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/results/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "count" "start" ].
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "count" "start" ].
URL http://localhost:3000/UI/ajaxSpider/view/status/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alert/action/addAlert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "button" "confidenceId" "cweId" "description" "evidence" "messageId" "name" "otherInfo" "param" "references" "riskId" "solution" "wascId" ].
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "button" "confidenceId" "cweId" "description" "evidence" "messageId" "name" "otherInfo" "param" "references" "riskId" "solution" "wascId" ].
URL http://localhost:3000/UI/alert/action/deleteAlert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/alert/action/deleteAlerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "contextName" "riskId" ].
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "contextName" "riskId" ].
URL http://localhost:3000/UI/alert/action/deleteAllAlerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alert/action/updateAlert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "button" "confidenceId" "cweId" "description" "evidence" "id" "name" "otherInfo" "param" "references" "riskId" "solution" "wascId" ].
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "button" "confidenceId" "cweId" "description" "evidence" "id" "name" "otherInfo" "param" "references" "riskId" "solution" "wascId" ].
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "confidenceId" "ids" ].
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "confidenceId" "ids" ].
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "riskId" ].
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "riskId" ].
URL http://localhost:3000/UI/alert/view/alert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "recurse" "url" ].
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "recurse" "url" ].
URL http://localhost:3000/UI/alert/view/alerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "contextName" "count" "riskId" "start" ].
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "contextName" "count" "riskId" "start" ].
URL http://localhost:3000/UI/alert/view/alertsByRisk/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "recurse" "url" ].
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "recurse" "url" ].
URL http://localhost:3000/UI/alert/view/alertsSummary/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/alert/view/numberOfAlerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "riskId" ].
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "riskId" ].
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "contextId" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "contextId" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/applyAll/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/applyContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/applyGlobal/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "contextId" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "contextId" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attack" "attackIsRegex" "button" "enabled" "evidence" "evidenceIsRegex" "methods" "newLevel" "parameter" "parameterIsRegex" "ruleId" "url" "urlIsRegex" ].
URL http://localhost:3000/UI/alertFilter/action/testAll/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/testContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/testGlobal/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/addExcludedParam/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "type" "url" ].
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "type" "url" ].
URL http://localhost:3000/UI/ascan/action/addScanPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "attackStrength" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "attackStrength" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/clearExcludedFromScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/disableAllScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/disableScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/enableAllScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/enableScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/excludeFromScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/ascan/action/importScanPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "path" ].
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "path" ].
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" "name" "type" "url" ].
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" "name" "type" "url" ].
URL http://localhost:3000/UI/ascan/action/pause/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/pauseAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/removeAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" ].
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" ].
URL http://localhost:3000/UI/ascan/action/removeScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/resume/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/resumeAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/scan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "inScopeOnly" "method" "postData" "recurse" "scanPolicyName" "url" ].
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "inScopeOnly" "method" "postData" "recurse" "scanPolicyName" "url" ].
URL http://localhost:3000/UI/ascan/action/scanAsUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "method" "postData" "recurse" "scanPolicyName" "url" "userId" ].
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "method" "postData" "recurse" "scanPolicyName" "url" "userId" ].
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attackStrength" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attackStrength" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attackStrength" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "attackStrength" "button" "id" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/skipScanner/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" "scannerId" ].
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" "scannerId" ].
URL http://localhost:3000/UI/ascan/action/stop/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/action/stopAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "attackStrength" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "attackStrength" "button" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/view/alertsIds/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/view/attackModeQueue/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/excludedFromScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/excludedParams/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/excludedParamTypes/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/messagesIds/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/view/optionAddQueryParam/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionAttackPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionDefaultPolicy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionDelayInMs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionExcludedParamList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionHostPerScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxResultsToList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxScansInUI/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionThreadPerHost/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/policies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "policyId" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "policyId" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/view/scanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "policyId" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "policyId" "scanPolicyName" ].
URL http://localhost:3000/UI/ascan/view/scanPolicyNames/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/scanProgress/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/view/scans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ascan/view/status/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authMethodConfigParams" "authMethodName" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authMethodConfigParams" "authMethodName" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "loggedInIndicatorRegex" ].
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "loggedInIndicatorRegex" ].
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "loggedOutIndicatorRegex" ].
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "loggedOutIndicatorRegex" ].
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authMethodName" "button" ].
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authMethodName" "button" ].
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "bodyRegex" "button" "contextId" "headerRegex" "logicalOperator" "statusCode" ].
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "bodyRegex" "button" "contextId" "headerRegex" "logicalOperator" "statusCode" ].
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/automation/action/endDelayJob/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/automation/action/runPlan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/automation/view/planProgress/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "planId" ].
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "planId" ].
URL http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/action/installAddon/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/autoupdate/view/installedAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/isLatestVersion/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/latestVersionNumber/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/localAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/marketplaceAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/newAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/updatedAddons/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ignorecase" "inverse" "location" "match" "string" ].
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ignorecase" "inverse" "location" "match" "string" ].
URL http://localhost:3000/UI/break/action/break/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scope" "state" "type" ].
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scope" "state" "type" ].
URL http://localhost:3000/UI/break/action/continue/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/action/continue/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/action/drop/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/action/drop/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ignorecase" "inverse" "location" "match" "string" ].
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ignorecase" "inverse" "location" "match" "string" ].
URL http://localhost:3000/UI/break/action/setHttpMessage/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "httpBody" "httpHeader" ].
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "httpBody" "httpHeader" ].
URL http://localhost:3000/UI/break/action/step/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/action/step/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keepalive" "poll" ].
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keepalive" "poll" ].
URL http://localhost:3000/UI/break/view/httpMessage/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/view/isBreakAll/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/view/isBreakRequest/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/view/isBreakResponse/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "technologyNames" ].
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "technologyNames" ].
URL http://localhost:3000/UI/context/action/excludeFromContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "regex" ].
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "regex" ].
URL http://localhost:3000/UI/context/action/exportContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextFile" "contextName" ].
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextFile" "contextName" ].
URL http://localhost:3000/UI/context/action/importContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextFile" ].
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextFile" ].
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/includeContextTechnologies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "technologyNames" ].
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "technologyNames" ].
URL http://localhost:3000/UI/context/action/includeInContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "regex" ].
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "regex" ].
URL http://localhost:3000/UI/context/action/newContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/removeContext/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "checkingStrategy" "contextName" "pollData" "pollFrequency" "pollFrequencyUnits" "pollHeaders" "pollUrl" ].
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "checkingStrategy" "contextName" "pollData" "pollFrequency" "pollFrequencyUnits" "pollHeaders" "pollUrl" ].
URL http://localhost:3000/UI/context/action/setContextInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "booleanInScope" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "booleanInScope" "button" "contextName" ].
URL http://localhost:3000/UI/context/action/setContextRegexs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "excRegexs" "incRegexs" ].
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "excRegexs" "incRegexs" ].
URL http://localhost:3000/UI/context/view/context/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/contextList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/context/view/excludedTechnologyList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/excludeRegexs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/includedTechnologyList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/includeRegexs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/technologyList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/context/view/urls/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" ].
URL http://localhost:3000/UI/core/action/accessUrl/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "url" ].
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "url" ].
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/core/action/clearExcludedFromProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/createSbomZip/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/core/action/deleteAlert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/action/deleteAllAlerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/deleteSiteNode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "method" "postData" "url" ].
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "method" "postData" "url" ].
URL http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/disableClientCertificate/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" "index" "password" ].
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" "index" "password" ].
URL http://localhost:3000/UI/core/action/excludeFromProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/core/action/generateRootCA/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/loadSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" ].
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" ].
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/core/action/newSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "overwrite" ].
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "overwrite" ].
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" ].
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" ].
URL http://localhost:3000/UI/core/action/runGarbageCollection/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/saveSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "overwrite" ].
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "overwrite" ].
URL http://localhost:3000/UI/core/action/sendRequest/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "request" ].
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "request" ].
URL http://localhost:3000/UI/core/action/setHomeDirectory/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "dir" ].
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "dir" ].
URL http://localhost:3000/UI/core/action/setMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "mode" ].
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "mode" ].
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "numberOfInstances" ].
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "numberOfInstances" ].
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/core/action/shutdown/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/action/snapshotSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "overwrite" ].
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" "overwrite" ].
URL http://localhost:3000/UI/core/other/fileDownload/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "fileName" ].
URL http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "fileName" ].
URL http://localhost:3000/UI/core/other/fileUpload/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override" enctype="multipart/form-data">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "fileContents" "fileName" ].
URL http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override" enctype="multipart/form-data">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "fileContents" "fileName" ].
URL http://localhost:3000/UI/core/other/htmlreport/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/htmlreport/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/jsonreport/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/jsonreport/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/mdreport/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/mdreport/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/messageHar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/other/messagesHar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "start" ].
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "start" ].
URL http://localhost:3000/UI/core/other/messagesHarById/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/core/other/proxy.pac/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/rootcert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/rootcert/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/sendHarRequest/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "request" ].
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "request" ].
URL http://localhost:3000/UI/core/other/setproxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "proxy" ].
URL http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "proxy" ].
URL http://localhost:3000/UI/core/other/xmlreport/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/other/xmlreport/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/alert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/view/alerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "riskId" "start" ].
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "riskId" "start" ].
URL http://localhost:3000/UI/core/view/alertsSummary/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/core/view/childNodes/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "url" ].
URL http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "url" ].
URL http://localhost:3000/UI/core/view/excludedFromProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/homeDirectory/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/hosts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/message/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "id" ].
URL http://localhost:3000/UI/core/view/messages/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "start" ].
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "start" ].
URL http://localhost:3000/UI/core/view/messagesById/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/core/view/mode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/mode/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/numberOfAlerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "riskId" ].
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "riskId" ].
URL http://localhost:3000/UI/core/view/numberOfMessages/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionDefaultUserAgent/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionHttpState/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionHttpStateEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionMaximumAlertInstances/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainName/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainPassword/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainPort/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainPrompt/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainRealm/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainSkipName/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainUserName/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomains/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionTimeoutInSecs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionUseProxyChain/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionUseProxyChainAuth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionUseSocksProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/proxyChainExcludedDomains/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/sessionLocation/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/sites/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/sites/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/urls/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" ].
URL http://localhost:3000/UI/core/view/version/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/version/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/zapHomePath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/exim/action/importHar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/action/importModsec2Logs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/action/importUrls/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/action/importZapLogs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/exim/other/exportHar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "start" ].
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "start" ].
URL http://localhost:3000/UI/exim/other/exportHarById/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/exim/other/sendHarRequest/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "request" ].
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "followRedirects" "request" ].
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "boolean" "button" ].
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "boolean" "button" ].
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/action/importFile/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endurl" "file" ].
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endurl" "file" ].
URL http://localhost:3000/UI/graphql/action/importUrl/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endurl" "url" ].
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endurl" "url" ].
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/graphql/view/optionArgsType/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionQuerySplitType/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionRequestMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "tokenEnabled" ].
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "tokenEnabled" ].
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "site" ].
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "site" ].
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" ].
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" ].
URL http://localhost:3000/UI/httpSessions/action/removeSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "site" ].
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "site" ].
URL http://localhost:3000/UI/httpSessions/action/renameSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "newSessionName" "oldSessionName" "site" ].
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "newSessionName" "oldSessionName" "site" ].
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "tokenEnabled" ].
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "sessionToken" "tokenEnabled" ].
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "sessionToken" "site" "tokenValue" ].
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "sessionToken" "site" "tokenValue" ].
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/httpSessions/view/activeSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/httpSessions/view/sessions/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "session" "site" ].
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/httpSessions/view/sites/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/action/log/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "record" ].
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "record" ].
URL http://localhost:3000/UI/hud/action/recordRequest/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "body" "button" "header" ].
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "body" "button" "header" ].
URL http://localhost:3000/UI/hud/action/resetTutorialTasks/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/hud/action/setUiOption/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" "value" ].
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" "value" ].
URL http://localhost:3000/UI/hud/other/changesInHtml/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/other/changesInHtml/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/getUiOption/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" ].
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" ].
URL http://localhost:3000/UI/hud/view/heartbeat/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/hudAlertData/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "url" ].
URL http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "url" ].
URL http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionBaseDirectory/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionDevelopmentMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnabledForDaemon/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnabledForDesktop/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnableTelemetry/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionInScopeOnly/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionRemoveCSP/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialHost/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialPort/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialTasksDone/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialTestMode/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialUpdates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/tutorialUpdates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/upgradedDomains/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "incUnset" ].
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "incUnset" ].
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "incUnset" ].
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "incUnset" ].
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "alwaysDecodeZip" "apikey" "behindNat" "button" "port" "removeUnsupportedEncodings" ].
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "alwaysDecodeZip" "apikey" "behindNat" "button" "port" "removeUnsupportedEncodings" ].
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "apikey" "button" "port" ].
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "apikey" "button" "port" ].
URL http://localhost:3000/UI/localProxies/view/additionalProxies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/action/addAlias/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "name" ].
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "name" ].
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "host" ].
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "host" ].
URL http://localhost:3000/UI/network/action/addLocalServer/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "api" "apikey" "behindNat" "button" "decodeResponse" "port" "proxy" "removeAcceptEncoding" ].
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "api" "apikey" "behindNat" "button" "decodeResponse" "port" "proxy" "removeAcceptEncoding" ].
URL http://localhost:3000/UI/network/action/addPassThrough/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authority" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authority" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" "index" "password" ].
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" "index" "password" ].
URL http://localhost:3000/UI/network/action/addRateLimitRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" "enabled" "groupBy" "matchRegex" "matchString" "requestsPerSecond" ].
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" "enabled" "groupBy" "matchRegex" "matchString" "requestsPerSecond" ].
URL http://localhost:3000/UI/network/action/generateRootCaCert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/action/importRootCaCert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "filePath" ].
URL http://localhost:3000/UI/network/action/removeAlias/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" ].
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "name" ].
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "host" ].
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "host" ].
URL http://localhost:3000/UI/network/action/removeLocalServer/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "apikey" "button" "port" ].
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "address" "apikey" "button" "port" ].
URL http://localhost:3000/UI/network/action/removePassThrough/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authority" "button" ].
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authority" "button" ].
URL http://localhost:3000/UI/network/action/removeRateLimitRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" ].
URL http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" ].
URL http://localhost:3000/UI/network/action/setAliasEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "name" ].
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "name" ].
URL http://localhost:3000/UI/network/action/setConnectionTimeout/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "timeout" ].
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "timeout" ].
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "userAgent" ].
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "userAgent" ].
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ttl" ].
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ttl" ].
URL http://localhost:3000/UI/network/action/setHttpProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "host" "password" "port" "realm" "username" ].
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "host" "password" "port" "realm" "username" ].
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "host" ].
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" "host" ].
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authority" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authority" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" "enabled" ].
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" "enabled" ].
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "validity" ].
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "validity" ].
URL http://localhost:3000/UI/network/action/setServerCertValidity/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "validity" ].
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "validity" ].
URL http://localhost:3000/UI/network/action/setSocksProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "host" "password" "port" "useDns" "username" "version" ].
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "host" "password" "port" "useDns" "username" "version" ].
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/network/action/setUseClientCertificate/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "use" ].
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "use" ].
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "use" ].
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "use" ].
URL http://localhost:3000/UI/network/other/proxy.pac/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/other/rootCaCert/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/other/rootCaCert/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/other/setProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "proxy" ].
URL http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "proxy" ].
URL http://localhost:3000/UI/network/view/getAliases/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getConnectionTimeout/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getDefaultUserAgent/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getHttpProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getHttpProxyExclusions/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getLocalServers/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getPassThroughs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getRateLimitRules/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getRootCaCertValidity/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getServerCertValidity/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getSocksProxy/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isHttpProxyEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isSocksProxyEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isUseGlobalHttpState/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/openapi/action/importFile/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "file" "target" ].
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "file" "target" ].
URL http://localhost:3000/UI/openapi/action/importUrl/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "hostOverride" "url" ].
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "hostOverride" "url" ].
URL http://localhost:3000/UI/params/view/params/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "site" ].
URL http://localhost:3000/UI/postman/action/importFile/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endpointUrl" "file" ].
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endpointUrl" "file" ].
URL http://localhost:3000/UI/postman/action/importUrl/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endpointUrl" "url" ].
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "endpointUrl" "url" ].
URL http://localhost:3000/UI/pscan/action/clearQueue/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/disableAllScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/disableAllTags/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/disableScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/pscan/action/enableAllScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/enableAllTags/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/action/enableScanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "ids" ].
URL http://localhost:3000/UI/pscan/action/setEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "enabled" ].
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "maxAlerts" ].
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "maxAlerts" ].
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "button" "id" ].
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertThreshold" "apikey" "button" "id" ].
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "onlyInScope" ].
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "onlyInScope" ].
URL http://localhost:3000/UI/pscan/view/currentRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/currentTasks/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/maxAlertsPerRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/recordsToScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/scanners/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/scanOnlyInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/quickstartlaunch/other/startPage/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/quickstartlaunch/other/startPage/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/replacer/action/addRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" "enabled" "initiators" "matchRegex" "matchString" "matchType" "replacement" "url" ].
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" "enabled" "initiators" "matchRegex" "matchString" "matchType" "replacement" "url" ].
URL http://localhost:3000/UI/replacer/action/removeRule/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" ].
URL http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "description" ].
URL http://localhost:3000/UI/replacer/action/setEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "bool" "button" "description" ].
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "bool" "button" "description" ].
URL http://localhost:3000/UI/replacer/view/rules/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/reports/action/generate/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contexts" "description" "display" "includedConfidences" "includedRisks" "reportDir" "reportFileName" "reportFileNamePattern" "sections" "sites" "template" "theme" "title" ].
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contexts" "description" "display" "includedConfidences" "includedRisks" "reportDir" "reportFileName" "reportFileNamePattern" "sections" "sites" "template" "theme" "title" ].
URL http://localhost:3000/UI/reports/view/templateDetails/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "template" ].
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "template" ].
URL http://localhost:3000/UI/reports/view/templates/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/retest/action/retest/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertIds" "apikey" "button" ].
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "alertIds" "apikey" "button" ].
URL http://localhost:3000/UI/reveal/action/setReveal/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "reveal" ].
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "reveal" ].
URL http://localhost:3000/UI/reveal/view/reveal/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" ].
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" ].
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" "value" ].
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" "value" ].
URL http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" ].
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "key" ].
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/action/clearGlobalVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/action/clearGlobalVars/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/action/clearScriptVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/action/clearScriptVars/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/disable/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/enable/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/load/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "charset" "fileName" "scriptDescription" "scriptEngine" "scriptName" "scriptType" ].
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "charset" "fileName" "scriptDescription" "scriptEngine" "scriptName" "scriptType" ].
URL http://localhost:3000/UI/script/action/remove/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/runStandAloneScript/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/action/setGlobalVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" "varValue" ].
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" "varValue" ].
URL http://localhost:3000/UI/script/action/setScriptVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" "varValue" ].
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" "varValue" ].
URL http://localhost:3000/UI/script/view/globalCustomVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/view/globalCustomVars/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/globalVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "varKey" ].
URL http://localhost:3000/UI/script/view/globalVars/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/listEngines/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/listScripts/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/listTypes/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/script/view/scriptCustomVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/view/scriptCustomVars/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/view/scriptVar/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" "varKey" ].
URL http://localhost:3000/UI/script/view/scriptVars/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scriptName" ].
URL http://localhost:3000/UI/search/other/harByHeaderRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/other/harByRequestRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/other/harByResponseRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/other/harByUrlRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "baseurl" "button" "count" "regex" "start" ].
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "argument" "browser" "button" "enabled" ].
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "argument" "browser" "button" "enabled" ].
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "argument" "browser" "button" ].
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "argument" "browser" "button" ].
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "argument" "browser" "button" "enabled" ].
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "argument" "browser" "button" "enabled" ].
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "browser" "button" ].
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "browser" "button" ].
URL http://localhost:3000/UI/selenium/view/optionBrowserExtensions/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionChromeDriverPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionIeDriverPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionLastDirectory/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "methodConfigParams" "methodName" ].
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "methodConfigParams" "methodName" ].
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "methodName" ].
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "methodName" ].
URL http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/soap/action/importFile/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "file" ].
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "file" ].
URL http://localhost:3000/UI/soap/action/importUrl/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "url" ].
URL http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "url" ].
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/spider/action/clearExcludedFromScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/excludeFromScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "regex" ].
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" "isEnabled" "isRegex" "value" ].
URL http://localhost:3000/UI/spider/action/pause/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/pauseAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/removeAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" ].
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "idx" ].
URL http://localhost:3000/UI/spider/action/removeScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/resume/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/resumeAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/scan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "maxChildren" "recurse" "subtreeOnly" "url" ].
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextName" "maxChildren" "recurse" "subtreeOnly" "url" ].
URL http://localhost:3000/UI/spider/action/scanAsUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "maxChildren" "recurse" "subtreeOnly" "url" "userId" ].
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "maxChildren" "recurse" "subtreeOnly" "url" "userId" ].
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionParseComments/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseGit/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionPostForm/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/spider/action/stop/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/action/stopAllScans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/addedNodes/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/view/allUrls/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/domainsAlwaysInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/excludedFromScan/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/fullResults/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/view/optionAcceptCookies/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionHandleParameters/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxChildren/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxDepth/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxDuration/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxScansInUI/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseComments/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseDsStore/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseGit/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseRobotsTxt/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseSitemapXml/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseSVNEntries/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionPostForm/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionProcessForm/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionRequestWaitTime/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionSendRefererHeader/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionSkipURLString/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionThreadCount/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionUserAgent/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/results/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/view/scans/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/spider/view/status/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "scanId" ].
URL http://localhost:3000/UI/stats/action/clearStats/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" ].
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" ].
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "Boolean" "button" ].
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "Integer" ].
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "String" ].
URL http://localhost:3000/UI/stats/view/allSitesStats/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" ].
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" ].
URL http://localhost:3000/UI/stats/view/optionInMemoryEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdHost/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdPort/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdPrefix/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/stats/view/siteStats/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" "site" ].
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" "site" ].
URL http://localhost:3000/UI/stats/view/stats/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" ].
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "keyPrefix" ].
URL http://localhost:3000/UI/users/action/authenticateAsUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/newUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "name" ].
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "name" ].
URL http://localhost:3000/UI/users/action/pollAsUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/removeUser/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authCredentialsConfigParams" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "authCredentialsConfigParams" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/action/setAuthenticationState/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "lastPollResult" "lastPollTimeInMs" "requestsSinceLastPoll" "userId" ].
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "lastPollResult" "lastPollTimeInMs" "requestsSinceLastPoll" "userId" ].
URL http://localhost:3000/UI/users/action/setCookie/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "domain" "name" "path" "secure" "userId" "value" ].
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "domain" "name" "path" "secure" "userId" "value" ].
URL http://localhost:3000/UI/users/action/setUserEnabled/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "enabled" "userId" ].
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "enabled" "userId" ].
URL http://localhost:3000/UI/users/action/setUserName/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "name" "userId" ].
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "name" "userId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationSession/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationState/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/getUserById/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" "userId" ].
URL http://localhost:3000/UI/users/view/usersList/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "contextId" ].
URL http://localhost:3000/UI/websocket/action/sendTextMessage/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "channelId" "message" "outgoing" ].
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "channelId" "message" "outgoing" ].
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "message" "outgoing" ].
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "message" "outgoing" ].
URL http://localhost:3000/UI/websocket/view/breakTextMessage/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/websocket/view/channels/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" ].
URL http://localhost:3000/UI/websocket/view/message/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "channelId" "messageId" ].
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "channelId" "messageId" ].
URL http://localhost:3000/UI/websocket/view/messages/
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "channelId" "count" "payloadPreviewLength" "start" ].
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter
Atak
Evidence <form id="zapform" name="zapform" action="override">
Other Info No known Anti-CSRF token [anticsrf, CSRFToken, __RequestVerificationToken, csrfmiddlewaretoken, authenticity_token, OWASP_CSRFTOKEN, anoncsrf, csrf_token, _csrf, _csrfSecret, __csrf_magic, CSRF, _token, _csrf_token] was found in the following HTML form: [Form 1: "apikey" "button" "channelId" "count" "payloadPreviewLength" "start" ].
Instances 1338
Solution
Faza: Architektura i Projektowanie

Używaj sprawdzonej biblioteki lub struktury, które nie pozwalają na wystąpienie tego osłabienia lub wprowadzają konstrukcje, które sprawiają, że to osłabienie jest łatwiejsze do uniknięcia.

Na przykład, używaj pakietów anty-CSRF takich jak OWASP CSRFGuard.

Faza: Implementacja

Upewnij się, że twoja aplikacja jest wolna od kwestii cross-site scripting, ponieważ większość obron CSRF mogą być ominięte przez kontrolowany przez atakującego skrypt.

Fazy: Architektura i Projektowanie

Wygeneruj unikalny numer dla każdego formularza, umieść go w formularzu i zweryfikuj wartość jednorazową po otrzymaniu formularza. Upewnij się, że liczba nie będzie przewidywalna (CWE-330).

Zwróć uwagę na to, że może to być ominięte używając XSS.

Identyfikuj zwłaszcza niebezpieczne działania. Kiedy użytkownik przeprowadza niebezpieczną operację, wyślij odrębne żądanie potwierdzenia by upewnić się, że użytkownik jest przeznaczony do przeprowadzenia tego działania.

Zwróć uwagę na to, że może to być ominięte używając XSS.

Używaj regulacji Zarządzania Sesją ESAPI.

Ta kontrola obejmuje komponent dla CSRF.

Nie używaj metody GET dla żadnego żądania, która uruchamia zmianę stanu.

Faza: Implementacja

Sprawdź nagłówek HTTP Referer, aby sprawdzić, czy żądanie pochodzi z oczekiwanej strony. To mogłoby przerwać prawowitą funkcjonalność, ponieważ użytkownicy lub proxy mogłyby zostać wyłączone wysyłając dla Referer prywatnych powodów.
Reference http://projects.webappsec.org/Cross-Site-Request-Forgery
https://cwe.mitre.org/data/definitions/352.html
CWE Id 352
WASC Id 9
Plugin Id 10202
Średni
CSP: Wildcard Directive
Opis
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks. Including (but not limited to) Cross Site Scripting (XSS), and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL http://localhost:3000/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/OTHER/network/other/proxy.pac/?apinonce=4d9a8b33d437a1e0
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/action/addOptionToken/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/other/genForm/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/view/optionTokensNames/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/scan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/stop/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/allowedResources/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/fullResults/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/numberOfResults/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionEventWait/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/results/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/status/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/addAlert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/deleteAlert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/deleteAlerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/deleteAllAlerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/updateAlert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alertsByRisk/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alertsSummary/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/numberOfAlerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/applyAll/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/applyContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/applyGlobal/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/testAll/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/testContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/testGlobal/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/addExcludedParam/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/addScanPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/clearExcludedFromScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/disableAllScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/disableScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/enableAllScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/enableScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/excludeFromScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/importScanPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/pause/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/pauseAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/resume/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/resumeAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/scan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/scanAsUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/skipScanner/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/stop/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/stopAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/alertsIds/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/attackModeQueue/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/excludedFromScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/excludedParams/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/excludedParamTypes/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/messagesIds/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionAddQueryParam/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionAttackPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionDefaultPolicy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionDelayInMs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionExcludedParamList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionHostPerScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxResultsToList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxScansInUI/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionThreadPerHost/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/policies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scanPolicyNames/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scanProgress/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/status/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authorization/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/automation/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/automation/action/endDelayJob/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/automation/action/runPlan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/automation/view/planProgress/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/installAddon/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/installedAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/isLatestVersion/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/latestVersionNumber/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/localAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/marketplaceAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/newAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/updatedAddons/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/break/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/continue/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/continue/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/drop/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/drop/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/setHttpMessage/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/step/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/action/step/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/httpMessage/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/isBreakAll/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/isBreakRequest/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/isBreakResponse/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/excludeFromContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/exportContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/importContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/includeContextTechnologies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/includeInContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/newContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/removeContext/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/setContextInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/setContextRegexs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/context/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/contextList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/excludedTechnologyList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/excludeRegexs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/includedTechnologyList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/includeRegexs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/technologyList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/urls/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/accessUrl/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/clearExcludedFromProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/createSbomZip/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/deleteAlert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/deleteAllAlerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/deleteSiteNode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/disableClientCertificate/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/excludeFromProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/generateRootCA/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/loadSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/newSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/runGarbageCollection/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/saveSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/sendRequest/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setHomeDirectory/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/shutdown/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/snapshotSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/fileDownload/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/fileUpload/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/htmlreport/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/htmlreport/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/jsonreport/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/jsonreport/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/mdreport/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/mdreport/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/messageHar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/messagesHar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/messagesHarById/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/proxy.pac/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/rootcert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/rootcert/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/sendHarRequest/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/setproxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/xmlreport/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/other/xmlreport/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/alert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/alerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/alertsSummary/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/childNodes/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/excludedFromProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/homeDirectory/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/hosts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/message/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/messages/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/messagesById/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/mode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/mode/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/numberOfAlerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/numberOfMessages/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionDefaultUserAgent/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionHttpState/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionHttpStateEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionMaximumAlertInstances/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainName/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainPassword/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainPort/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainPrompt/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainRealm/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainSkipName/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainUserName/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomains/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionTimeoutInSecs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionUseProxyChain/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionUseProxyChainAuth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionUseSocksProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/proxyChainExcludedDomains/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/sessionLocation/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/sites/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/sites/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/urls/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/version/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/version/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/zapHomePath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importHar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importModsec2Logs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importUrls/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importZapLogs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/other/exportHar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/other/exportHarById/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/other/sendHarRequest/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/importFile/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/importUrl/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionArgsType/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionQuerySplitType/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionRequestMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/removeSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/renameSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/activeSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/sessions/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/sites/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/log/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/recordRequest/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/resetTutorialTasks/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setUiOption/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/other/changesInHtml/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/other/changesInHtml/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/getUiOption/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/heartbeat/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/hudAlertData/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionBaseDirectory/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionDevelopmentMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnabledForDaemon/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnabledForDesktop/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnableTelemetry/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionInScopeOnly/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionRemoveCSP/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialHost/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialPort/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialTasksDone/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialTestMode/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialUpdates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/tutorialUpdates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/upgradedDomains/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/hudfiles/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/keyboard/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/localProxies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/localProxies/view/additionalProxies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addAlias/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addLocalServer/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addPassThrough/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addRateLimitRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/generateRootCaCert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/importRootCaCert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeAlias/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeLocalServer/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removePassThrough/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeRateLimitRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setAliasEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setConnectionTimeout/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setServerCertValidity/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setSocksProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setUseClientCertificate/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/other/proxy.pac/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/other/rootCaCert/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/other/rootCaCert/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/other/setProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getAliases/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getConnectionTimeout/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getDefaultUserAgent/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getHttpProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getHttpProxyExclusions/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getLocalServers/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getPassThroughs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getRateLimitRules/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getRootCaCertValidity/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getServerCertValidity/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getSocksProxy/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isHttpProxyEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isSocksProxyEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isUseGlobalHttpState/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/openapi/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/openapi/action/importFile/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/openapi/action/importUrl/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/params/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/params/view/params/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/postman/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/postman/action/importFile/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/postman/action/importUrl/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/clearQueue/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/disableAllScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/disableAllTags/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/disableScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/enableAllScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/enableAllTags/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/enableScanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/currentRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/currentTasks/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/maxAlertsPerRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/recordsToScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/scanners/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/scanOnlyInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/quickstartlaunch/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/quickstartlaunch/other/startPage/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/quickstartlaunch/other/startPage/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/action/addRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/action/removeRule/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/action/setEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/view/rules/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reports/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reports/action/generate/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reports/view/templateDetails/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reports/view/templates/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/retest/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/retest/action/retest/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reveal/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reveal/action/setReveal/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reveal/view/reveal/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearGlobalVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearGlobalVars/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearScriptVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearScriptVars/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/disable/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/enable/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/load/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/remove/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/runStandAloneScript/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/setGlobalVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/setScriptVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalCustomVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalCustomVars/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalVars/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/listEngines/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/listScripts/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/listTypes/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptCustomVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptCustomVars/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptVar/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptVars/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByHeaderRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByRequestRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByResponseRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByUrlRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionBrowserExtensions/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionChromeDriverPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionIeDriverPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionLastDirectory/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/soap/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/soap/action/importFile/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/soap/action/importUrl/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/clearExcludedFromScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/excludeFromScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/pause/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/pauseAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/removeAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/removeScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/resume/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/resumeAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/scan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/scanAsUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseComments/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseGit/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionPostForm/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/stop/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/stopAllScans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/addedNodes/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/allUrls/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/domainsAlwaysInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/excludedFromScan/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/fullResults/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionAcceptCookies/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionHandleParameters/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxChildren/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxDepth/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxDuration/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxScansInUI/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseComments/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseDsStore/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseGit/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseRobotsTxt/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseSitemapXml/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseSVNEntries/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionPostForm/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionProcessForm/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionRequestWaitTime/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionSendRefererHeader/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionSkipURLString/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionThreadCount/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionUserAgent/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/results/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/scans/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/status/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/clearStats/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/allSitesStats/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionInMemoryEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdHost/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdPort/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdPrefix/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/siteStats/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/stats/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/authenticateAsUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/newUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/pollAsUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/removeUser/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setAuthenticationState/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setCookie/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setUserEnabled/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setUserName/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationSession/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationState/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getUserById/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/usersList/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/action/sendTextMessage/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/breakTextMessage/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/channels/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/message/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/messages/
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter Content-Security-Policy
Atak
Evidence default-src 'none'; script-src 'self'; connect-src 'self'; child-src 'self'; img-src 'self' data:; font-src 'self' data:; style-src 'self'
Other Info The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined: frame-ancestors, form-action The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
Instances 1382
Solution
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
Reference http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/
http://caniuse.com/#search=content+security+policy
http://content-security-policy.com/
https://github.com/shapesecurity/salvation
https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources
CWE Id 693
WASC Id 15
Plugin Id 10055
Informacyjny
Authentication Request Identified
Opis
The given request has been identified as an authentication request. The 'Other Info' field contains a set of key=value lines which identify any relevant fields. If the request is in a context which has an Authentication Method set to "Auto-Detect" then this rule will change the authentication to match the request identified.
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter username
Atak
Evidence password
Other Info userParam=username userValue=ZAP passwordParam=password referer=http://localhost:3000/UI/network/action/setHttpProxy/
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter username
Atak
Evidence password
Other Info userParam=username userValue=ZAP passwordParam=password referer=http://localhost:3000/UI/network/action/setSocksProxy/
Instances 2
Solution
This is an informational alert rather than a vulnerability and so there is nothing to fix.
Reference https://www.zaproxy.org/docs/desktop/addons/authentication-helper/auth-req-id/
CWE Id
WASC Id
Plugin Id 10111
Informacyjny
Information Disclosure - Sensitive Information in URL
Opis
The request appeared to contain sensitive information leaked in the URL. This can violate PCI and most organizational compliance policies. You can configure the list of strings for this check to add or remove values specific to your environment.
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter userName
Atak
Evidence userName
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userName
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence password
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: pass password
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence sessionToken
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token sessionToken
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence tokenEnabled
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token tokenEnabled
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence sessionToken
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token sessionToken
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence session
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: session session
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence sessionToken
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token sessionToken
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence session
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: session session
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence sessionToken
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token sessionToken
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter newSessionName
Atak
Evidence newSessionName
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: session newSessionName
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter oldSessionName
Atak
Evidence oldSessionName
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: session oldSessionName
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence session
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: session session
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence sessionToken
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token sessionToken
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence tokenEnabled
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token tokenEnabled
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter session
Atak
Evidence session
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: session session
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence sessionToken
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token sessionToken
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter tokenValue
Atak
Evidence tokenValue
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: token tokenValue
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence session
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: session session
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence password
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: pass password
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter userAgent
Atak
Evidence userAgent
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userAgent
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter password
Atak
Evidence password
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: pass password
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter username
Atak
Evidence username
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user username
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter password
Atak
Evidence password
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: pass password
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter username
Atak
Evidence username
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user username
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence userId
Other Info The URL contains potentially sensitive information. The following string was found via the pattern: user userId
Instances 39
Solution
Do not pass sensitive information in URIs.
Reference
CWE Id 200
WASC Id 13
Plugin Id 10024
Informacyjny
User Agent Fuzzer
Opis
Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
URL http://localhost:3000/
Metody GET
Parameter Header User-Agent
Atak msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Instances 12
Solution
Reference https://owasp.org/wstg
CWE Id
WASC Id
Plugin Id 10104
Informacyjny
User Controllable HTML Element Attribute (Potential XSS)
Opis
This check looks at user-supplied input in query string parameters and POST data to identify where certain HTML attribute values might be controlled. This provides hot-spot detection for XSS (cross-site scripting) that will require further review by a security analyst to determine exploitability.
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/addOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/removeOptionToken/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/action/setOptionPartialMatchingEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter actionUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: actionUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter actionUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: actionUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter hrefId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: hrefId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP
Metody GET
Parameter hrefId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/other/genForm/override?actionUrl=ZAP&apikey=ZAP&hrefId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: hrefId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/view/optionPartialMatchingEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/acsrf/view/optionTokensNames/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attributeName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attributeName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attributeName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attributeValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attributeValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attributeValue=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter element
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: element=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter element
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: element=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter element
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: element=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter text
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: text=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter text
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: text=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter text
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: text=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter xpath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: xpath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter xpath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: xpath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter xpath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/addExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: xpath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attributeName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attributeName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attributeName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attributeValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attributeValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter attributeValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attributeValue=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter descriptionNew
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: descriptionNew=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter descriptionNew
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: descriptionNew=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter descriptionNew
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: descriptionNew=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter element
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: element=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter element
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: element=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter element
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: element=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter text
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: text=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter text
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: text=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter text
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: text=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter xpath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: xpath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter xpath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: xpath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP
Metody GET
Parameter xpath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/modifyExcludedElement/override?apikey=ZAP&attributeName=ZAP&attributeValue=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&descriptionNew=ZAP&element=ZAP&enabled=ZAP&text=ZAP&xpath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: xpath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeAllowedResource/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/removeExcludedElement/override?apikey=ZAP&contextName=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter inScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: inScope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter inScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: inScope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter inScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: inScope=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scan/override?apikey=ZAP&contextName=ZAP&inScope=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter userName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter userName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP
Metody GET
Parameter userName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/scanAsUser/override?apikey=ZAP&contextName=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setEnabledAllowedResource/override?apikey=ZAP&enabled=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionBrowserId/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickDefaultElems/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionClickElemsOnce/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionEventWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxCrawlStates/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionNumberOfBrowsers/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionRandomInputs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/setOptionReloadWait/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/action/stop/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/allowedResources/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/excludedElements/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/fullResults/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/numberOfResults/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionBrowserId/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionClickDefaultElems/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionClickElemsOnce/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionEventWait/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlDepth/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxCrawlStates/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionMaxDuration/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionNumberOfBrowsers/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionRandomInputs/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/optionReloadWait/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/results/override?apikey=ZAP&count=3&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ajaxSpider/view/status/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter cweId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: cweId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter cweId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: cweId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter cweId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: cweId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter messageId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: messageId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter messageId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: messageId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter messageId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: messageId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter otherInfo
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: otherInfo=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter otherInfo
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: otherInfo=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter otherInfo
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: otherInfo=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter param
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: param=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter param
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: param=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter param
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: param=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter references
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: references=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter references
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: references=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter references
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: references=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter solution
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: solution=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter solution
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: solution=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter solution
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: solution=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter wascId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: wascId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter wascId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: wascId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter wascId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/addAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&messageId=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: wascId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAlerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/deleteAllAlerts/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter cweId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: cweId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter cweId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: cweId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter cweId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: cweId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter otherInfo
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: otherInfo=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter otherInfo
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: otherInfo=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter otherInfo
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: otherInfo=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter param
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: param=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter param
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: param=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter param
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: param=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter references
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: references=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter references
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: references=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter references
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: references=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter solution
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: solution=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter solution
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: solution=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter solution
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: solution=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter wascId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: wascId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter wascId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: wascId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP
Metody GET
Parameter wascId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlert/override?apikey=ZAP&attack=ZAP&confidenceId=ZAP&cweId=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&evidence=ZAP&id=ZAP&name=ZAP&otherInfo=ZAP&param=ZAP&references=ZAP&riskId=ZAP&solution=ZAP&wascId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: wascId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter confidenceId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: confidenceId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsConfidence/override?apikey=ZAP&confidenceId=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/action/updateAlertsRisk/override?apikey=ZAP&ids=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertCountsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alerts/override?apikey=ZAP&baseurl=ZAP&contextName=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsByRisk/override?apikey=ZAP&recurse=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alert/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/addGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyAll/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyContext/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/applyGlobal/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&contextId=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attack=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attack
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attack=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter attackIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidence=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidence
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidence=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter evidenceIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: evidenceIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: methods=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter methods
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: methods=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter newLevel
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: newLevel=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameter=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameter
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameter=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter parameterIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: parameterIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter ruleId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ruleId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP
Metody GET
Parameter urlIsRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/removeGlobalAlertFilter/override?apikey=ZAP&attack=ZAP&attackIsRegex=ZAP&enabled=ZAP&evidence=ZAP&evidenceIsRegex=ZAP&methods=ZAP&newLevel=ZAP&parameter=ZAP&parameterIsRegex=ZAP&ruleId=ZAP&url=https%3A%2F%2Fzap.example.com&urlIsRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: urlIsRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testAll/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testContext/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/action/testGlobal/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/alertFilterList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/alertFilter/view/globalAlertFilterList/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: type=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: type=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addExcludedParam/override?apikey=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: type=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/addScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/clearExcludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/disableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableAllScanners/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/enableScanners/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter path
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: path=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter path
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: path=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP
Metody GET
Parameter path
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/importScanPolicy/override?apikey=ZAP&path=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: path=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: type=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: type=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/modifyExcludedParam/override?apikey=ZAP&idx=ZAP&name=ZAP&type=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: type=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/pauseAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeExcludedParam/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/removeScanPolicy/override?apikey=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/resumeAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter inScopeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: inScopeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter inScopeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: inScopeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter inScopeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: inScopeOnly=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: method=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: method=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: method=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: postData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: postData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: postData=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scan/override?apikey=ZAP&contextId=ZAP&inScopeOnly=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: method=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: method=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: method=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: postData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: postData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: postData=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&method=ZAP&postData=ZAP&recurse=ZAP&scanPolicyName=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setEnabledPolicies/override?apikey=ZAP&ids=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAddQueryParam/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAllowAttackOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionAttackPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDefaultPolicy/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionDelayInMs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHandleAntiCSRFTokens/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionHostPerScan/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionInjectPluginIdInHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxAlertsPerRule/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxChartTimeInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxResultsToList/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxRuleDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScanDurationInMins/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionPromptToClearFinishedScans/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionRescanInAttackMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanHeadersAllRequests/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionScanNullJsonValues/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsEnabledRPC/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionTargetParamsInjectable/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setOptionThreadPerHost/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setPolicyAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/setScannerAttackStrength/override?apikey=ZAP&attackStrength=ZAP&id=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter scannerId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scannerId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter scannerId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scannerId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP
Metody GET
Parameter scannerId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/skipScanner/override?apikey=ZAP&scanId=ZAP&scannerId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scannerId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/stopAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter attackStrength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: attackStrength=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/action/updateScanPolicy/override?alertThreshold=ZAP&apikey=ZAP&attackStrength=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/alertsIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/attackModeQueue/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedParams/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/excludedParamTypes/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/messagesIds/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAddQueryParam/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAllowAttackOnStart/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionAttackPolicy/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionDefaultPolicy/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionDelayInMs/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionExcludedParamList/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionHandleAntiCSRFTokens/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionHostPerScan/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionInjectPluginIdInHeader/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxAlertsPerRule/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxChartTimeInMins/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxResultsToList/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxRuleDurationInMins/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxScanDurationInMins/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionMaxScansInUI/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionPromptInAttackMode/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionPromptToClearFinishedScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionRescanInAttackMode/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionScanHeadersAllRequests/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionScanNullJsonValues/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionShowAdvancedDialog/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionTargetParamsEnabledRPC/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionTargetParamsInjectable/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/optionThreadPerHost/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter policyId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: policyId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter policyId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: policyId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter policyId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: policyId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/policies/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter policyId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: policyId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter policyId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: policyId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter policyId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: policyId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP
Metody GET
Parameter scanPolicyName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanners/override?apikey=ZAP&policyId=ZAP&scanPolicyName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanPolicyName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanPolicyNames/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scanProgress/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/scans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ascan/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter authMethodConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: authMethodConfigParams=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter authMethodConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: authMethodConfigParams=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter authMethodConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: authMethodConfigParams=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter authMethodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: authMethodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter authMethodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: authMethodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter authMethodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: authMethodName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setAuthenticationMethod/override?apikey=ZAP&authMethodConfigParams=ZAP&authMethodName=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter loggedInIndicatorRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: loggedInIndicatorRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter loggedInIndicatorRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: loggedInIndicatorRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP
Metody GET
Parameter loggedInIndicatorRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedInIndicator/override?apikey=ZAP&contextId=ZAP&loggedInIndicatorRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: loggedInIndicatorRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter loggedOutIndicatorRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: loggedOutIndicatorRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter loggedOutIndicatorRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: loggedOutIndicatorRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP
Metody GET
Parameter loggedOutIndicatorRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/action/setLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP&loggedOutIndicatorRegex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: loggedOutIndicatorRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter authMethodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: authMethodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter authMethodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: authMethodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP
Metody GET
Parameter authMethodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getAuthenticationMethodConfigParams/override?apikey=ZAP&authMethodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: authMethodName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedInIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getLoggedOutIndicator/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authentication/view/getSupportedAuthenticationMethods/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter bodyRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: bodyRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter bodyRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: bodyRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter bodyRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: bodyRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter headerRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: headerRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter headerRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: headerRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter headerRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: headerRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter logicalOperator
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: logicalOperator=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter logicalOperator
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: logicalOperator=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter logicalOperator
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: logicalOperator=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter statusCode
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: statusCode=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter statusCode
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: statusCode=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP
Metody GET
Parameter statusCode
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/action/setBasicAuthorizationDetectionMethod/override?apikey=ZAP&bodyRegex=ZAP&contextId=ZAP&headerRegex=ZAP&logicalOperator=ZAP&statusCode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: statusCode=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/authorization/view/getAuthorizationDetectionMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/endDelayJob/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/action/runPlan/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter planId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: planId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter planId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: planId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP
Metody GET
Parameter planId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/automation/view/planProgress/override?apikey=ZAP&planId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: planId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/downloadLatestRelease/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/installAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionCheckOnStart/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionDownloadNewRelease/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallAddonUpdates/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionInstallScannerRules/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportAlphaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportBetaAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/setOptionReportReleaseAddons/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/action/uninstallAddon/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/installedAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/isLatestVersion/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/latestVersionNumber/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/localAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/marketplaceAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/newAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionAddonDirectories/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionCheckAddonUpdates/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionCheckOnStart/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastChecked/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastInstallWarned/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDayLastUpdateWarned/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDownloadDirectory/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionDownloadNewRelease/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionInstallAddonUpdates/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionInstallScannerRules/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportAlphaAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportBetaAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/optionReportReleaseAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/autoupdate/view/updatedAddons/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter ignorecase
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ignorecase=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter ignorecase
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ignorecase=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter ignorecase
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ignorecase=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter inverse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: inverse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter inverse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: inverse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter inverse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: inverse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter location
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: location=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter location
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: location=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter location
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: location=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter match
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: match=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter match
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: match=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter match
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: match=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter string
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: string=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter string
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: string=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter string
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/addHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: string=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter scope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter scope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter scope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scope=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: type=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: type=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP
Metody GET
Parameter type
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/break/override?apikey=ZAP&scope=ZAP&state=Oklahoma&type=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: type=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/continue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/continue/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/continue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/continue/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/continue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/continue/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/drop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/drop/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/drop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/drop/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/drop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/drop/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter ignorecase
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ignorecase=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter ignorecase
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ignorecase=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter ignorecase
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ignorecase=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter inverse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: inverse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter inverse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: inverse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter inverse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: inverse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter location
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: location=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter location
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: location=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter location
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: location=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter match
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: match=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter match
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: match=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter match
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: match=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter string
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: string=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter string
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: string=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP
Metody GET
Parameter string
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/removeHttpBreakpoint/override?apikey=ZAP&ignorecase=ZAP&inverse=ZAP&location=ZAP&match=ZAP&string=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: string=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter httpBody
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: httpBody=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter httpBody
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: httpBody=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter httpBody
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: httpBody=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter httpHeader
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: httpHeader=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter httpHeader
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: httpHeader=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP
Metody GET
Parameter httpHeader
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/setHttpMessage/override?apikey=ZAP&httpBody=ZAP&httpHeader=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: httpHeader=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/action/step/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/step/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/step/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/step/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/action/step/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/action/step/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter keepalive
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: keepalive=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter keepalive
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: keepalive=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter keepalive
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: keepalive=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter poll
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: poll=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter poll
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: poll=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP
Metody GET
Parameter poll
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/pconn/waitForHttpBreak/override?apikey=ZAP&keepalive=ZAP&poll=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: poll=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/httpMessage/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakAll/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakRequest/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/break/view/isBreakResponse/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter technologyNames
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: technologyNames=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter technologyNames
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: technologyNames=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter technologyNames
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: technologyNames=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/excludeFromContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter contextFile
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextFile=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter contextFile
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextFile=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter contextFile
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextFile=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/exportContext/override?apikey=ZAP&contextFile=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter contextFile
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextFile=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter contextFile
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextFile=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP
Metody GET
Parameter contextFile
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/importContext/override?apikey=ZAP&contextFile=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextFile=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeAllContextTechnologies/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter technologyNames
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: technologyNames=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter technologyNames
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: technologyNames=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP
Metody GET
Parameter technologyNames
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeContextTechnologies/override?apikey=ZAP&contextName=ZAP&technologyNames=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: technologyNames=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/includeInContext/override?apikey=ZAP&contextName=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/newContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/removeContext/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter checkingStrategy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: checkingStrategy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter checkingStrategy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: checkingStrategy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter checkingStrategy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: checkingStrategy=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: pollData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: pollData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: pollData=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollFrequency
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: pollFrequency=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollFrequency
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: pollFrequency=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollFrequency
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: pollFrequency=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollFrequencyUnits
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: pollFrequencyUnits=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollFrequencyUnits
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: pollFrequencyUnits=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollFrequencyUnits
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: pollFrequencyUnits=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollHeaders
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: pollHeaders=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollHeaders
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: pollHeaders=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollHeaders
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: pollHeaders=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: pollUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: pollUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP
Metody GET
Parameter pollUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextCheckingStrategy/override?apikey=ZAP&checkingStrategy=ZAP&contextName=ZAP&pollData=ZAP&pollFrequency=ZAP&pollFrequencyUnits=ZAP&pollHeaders=ZAP&pollUrl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: pollUrl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter booleanInScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: booleanInScope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter booleanInScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: booleanInScope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter booleanInScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: booleanInScope=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextInScope/override?apikey=ZAP&booleanInScope=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter excRegexs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: excRegexs=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter excRegexs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: excRegexs=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter excRegexs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: excRegexs=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter incRegexs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: incRegexs=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter incRegexs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: incRegexs=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP
Metody GET
Parameter incRegexs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/action/setContextRegexs/override?apikey=ZAP&contextName=ZAP&excRegexs=ZAP&incRegexs=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: incRegexs=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/context/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/contextList/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/excludeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includedTechnologyList/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/includeRegexs/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/technologyList/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/context/view/urls/override?apikey=ZAP&contextName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/accessUrl/override?apikey=ZAP&followRedirects=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/addProxyChainExcludedDomain/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/clearExcludedFromProxy/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/createSbomZip/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAlert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteAllAlerts/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: method=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: method=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter method
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: method=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: postData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: postData=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter postData
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/deleteSiteNode/override?apikey=ZAP&method=ZAP&postData=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: postData=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/disableAllProxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/disableClientCertificate/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enableAllProxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter index
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: index=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter index
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: index=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter index
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: index=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/enablePKCS12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/excludeFromProxy/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/generateRootCA/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/loadSession/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/modifyProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/newSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/removeProxyChainExcludedDomain/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/runGarbageCollection/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/saveSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter request
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: request=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter request
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: request=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter request
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/sendRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: request=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter dir
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: dir=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter dir
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: dir=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP
Metody GET
Parameter dir
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setHomeDirectory/override?apikey=ZAP&dir=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: dir=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter mode
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: mode=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter mode
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: mode=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP
Metody GET
Parameter mode
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setMode/override?apikey=ZAP&mode=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: mode=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionAlertOverridesFilePath/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDefaultUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionDnsTtlSuccessfulQueries/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionHttpStateEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter numberOfInstances
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: numberOfInstances=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter numberOfInstances
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: numberOfInstances=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP
Metody GET
Parameter numberOfInstances
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMaximumAlertInstances/override?apikey=ZAP&numberOfInstances=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: numberOfInstances=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionMergeRelatedAlerts/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPassword/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainPrompt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainRealm/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainSkipName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionProxyChainUserName/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionSingleCookieRequestHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionTimeoutInSecs/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChain/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseProxyChainAuth/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/setOptionUseSocksProxy/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/shutdown/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP
Metody GET
Parameter overwrite
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/action/snapshotSession/override?apikey=ZAP&name=ZAP&overwrite=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: overwrite=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP
Metody GET
Parameter fileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: fileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP
Metody GET
Parameter fileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileDownload/override?apikey=ZAP&fileName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: fileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP
Metody GET
Parameter fileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: fileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP
Metody GET
Parameter fileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/fileUpload/override?apikey=ZAP&fileContents=test_file.txt&fileName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: fileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/htmlreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/htmlreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/htmlreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/htmlreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/jsonreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/jsonreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/jsonreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/jsonreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/mdreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/mdreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/mdreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/mdreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messageHar/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/messagesHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/proxy.pac/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/proxy.pac/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/rootcert/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/rootcert/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/rootcert/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/rootcert/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter request
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: request=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter request
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: request=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter proxy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: proxy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter proxy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/setproxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: proxy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/xmlreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/xmlreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/other/xmlreport/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/other/xmlreport/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alert/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alerts/override?apikey=ZAP&baseurl=ZAP&count=3&riskId=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/alertsSummary/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/childNodes/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/excludedFromProxy/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/homeDirectory/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/hosts/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/message/override?apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messages/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/messagesById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/mode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/mode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/mode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/mode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/mode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/mode/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: riskId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP
Metody GET
Parameter riskId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfAlerts/override?apikey=ZAP&baseurl=ZAP&riskId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: riskId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/numberOfMessages/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionAlertOverridesFilePath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionDefaultUserAgent/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionDnsTtlSuccessfulQueries/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionHttpState/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionHttpStateEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionMaximumAlertInstances/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionMergeRelatedAlerts/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainName/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPassword/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPort/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainPrompt/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainRealm/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainSkipName/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyChainUserName/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionProxyExcludedDomainsEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionSingleCookieRequestHeader/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionTimeoutInSecs/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseProxyChain/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseProxyChainAuth/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/optionUseSocksProxy/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/proxyChainExcludedDomains/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/sessionLocation/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/sites/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/sites/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/sites/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/sites/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/sites/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/sites/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/urls/override?apikey=ZAP&baseurl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/version/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/version/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/version/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/version/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/version/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/version/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP appears to include user input in: a(n) [input] tag [value] attribute The user input found was: apikey=ZAP The user-controlled value was: zaphomepath
URL http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP appears to include user input in: a(n) [input] tag [zap-name] attribute The user input found was: apikey=ZAP The user-controlled value was: zaphomepath
URL http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/core/view/zapHomePath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importHar/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importModsec2Logs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importUrls/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/action/importZapLogs/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHar/override?apikey=ZAP&baseurl=ZAP&count=3&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/exportHarById/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter followRedirects
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: followRedirects=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter request
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: request=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP
Metody GET
Parameter request
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/exim/other/sendHarRequest/override?apikey=ZAP&followRedirects=ZAP&request=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: request=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP
Metody GET
Parameter boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/action/setForcedUserModeEnabled/override?apikey=ZAP&boolean=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/getForcedUser/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/forcedUser/view/isForcedUserModeEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter endurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: endurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter endurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: endurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter endurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: endurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importFile/override?apikey=ZAP&endurl=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter endurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: endurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter endurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: endurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter endurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/importUrl/override?apikey=ZAP&endurl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: endurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionArgsType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionLenientMaxQueryDepthEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxAdditionalQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxArgsDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionMaxQueryDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionOptionalArgsEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQueryGenEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionQuerySplitType/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/action/setOptionRequestMethod/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionArgsType/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionLenientMaxQueryDepthEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxAdditionalQueryDepth/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxArgsDepth/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionMaxQueryDepth/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionOptionalArgsEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionQueryGenEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionQuerySplitType/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/graphql/view/optionRequestMethod/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: tokenEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: tokenEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: tokenEnabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/addSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/createEmptySession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeDefaultSessionToken/override?apikey=ZAP&sessionToken=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/removeSessionToken/override?apikey=ZAP&sessionToken=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter newSessionName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: newSessionName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter newSessionName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: newSessionName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter newSessionName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: newSessionName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter oldSessionName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: oldSessionName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter oldSessionName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: oldSessionName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter oldSessionName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: oldSessionName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/renameSession/override?apikey=ZAP&newSessionName=ZAP&oldSessionName=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setActiveSession/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: tokenEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: tokenEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP
Metody GET
Parameter tokenEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setDefaultSessionTokenEnabled/override?apikey=ZAP&sessionToken=ZAP&tokenEnabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: tokenEnabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter sessionToken
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sessionToken=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter tokenValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: tokenValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter tokenValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: tokenValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP
Metody GET
Parameter tokenValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/setSessionTokenValue/override?apikey=ZAP&session=ZAP&sessionToken=ZAP&site=ZAP&tokenValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: tokenValue=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/action/unsetActiveSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/activeSession/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/defaultSessionTokens/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: session=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter session
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: session=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessions/override?apikey=ZAP&session=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sessionTokens/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/httpSessions/view/sites/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter record
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: record=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter record
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: record=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP
Metody GET
Parameter record
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/log/override?apikey=ZAP&record=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: record=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter body
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: body=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter body
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: body=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter body
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: body=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter header
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: header=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter header
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: header=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP
Metody GET
Parameter header
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/recordRequest/override?apikey=ZAP&body=ZAP&header=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: header=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/resetTutorialTasks/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionBaseDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionDevelopmentMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDaemon/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnabledForDesktop/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionEnableOnDomainMsgs/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionInScopeOnly/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionRemoveCSP/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionShowWelcomeScreen/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionSkipTutorialTasks/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTaskDone/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setOptionTutorialTestMode/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/action/setUiOption/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/other/changesInHtml/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/other/changesInHtml/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/other/changesInHtml/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/other/changesInHtml/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/getUiOption/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/heartbeat/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/hudAlertData/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionAllowUnsafeEval/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionBaseDirectory/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionDevelopmentMode/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnabledForDaemon/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnabledForDesktop/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnableOnDomainMsgs/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionEnableTelemetry/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionInScopeOnly/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionRemoveCSP/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionShowWelcomeScreen/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionSkipTutorialTasks/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialHost/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialPort/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialTasksDone/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialTestMode/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/optionTutorialUpdates/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/tutorialUpdates/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/hud/view/upgradedDomains/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter incUnset
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: incUnset=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter incUnset
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetActionOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: incUnset=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter incUnset
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: incUnset=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP
Metody GET
Parameter incUnset
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/keyboard/other/cheatsheetKeyOrder/override?apikey=ZAP&incUnset=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: incUnset=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter alwaysDecodeZip
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: alwaysDecodeZip=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter alwaysDecodeZip
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: alwaysDecodeZip=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter alwaysDecodeZip
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: alwaysDecodeZip=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter behindNat
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: behindNat=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter behindNat
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: behindNat=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter behindNat
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: behindNat=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter removeUnsupportedEncodings
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: removeUnsupportedEncodings=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter removeUnsupportedEncodings
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: removeUnsupportedEncodings=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP
Metody GET
Parameter removeUnsupportedEncodings
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/addAdditionalProxy/override?address=688+Zaproxy+Ridge&alwaysDecodeZip=ZAP&apikey=ZAP&behindNat=ZAP&port=ZAP&removeUnsupportedEncodings=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: removeUnsupportedEncodings=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/action/removeAdditionalProxy/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/localProxies/view/additionalProxies/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addAlias/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addHttpProxyExclusion/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter api
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: api=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter api
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: api=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter api
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: api=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter behindNat
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: behindNat=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter behindNat
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: behindNat=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter behindNat
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: behindNat=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter decodeResponse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: decodeResponse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter decodeResponse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: decodeResponse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter decodeResponse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: decodeResponse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter proxy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: proxy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter proxy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: proxy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter proxy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: proxy=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter removeAcceptEncoding
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: removeAcceptEncoding=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter removeAcceptEncoding
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: removeAcceptEncoding=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP
Metody GET
Parameter removeAcceptEncoding
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addLocalServer/override?address=688+Zaproxy+Ridge&api=ZAP&apikey=ZAP&behindNat=ZAP&decodeResponse=ZAP&port=ZAP&proxy=ZAP&removeAcceptEncoding=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: removeAcceptEncoding=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: authority=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: authority=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: authority=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPassThrough/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter index
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: index=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter index
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: index=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter index
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: index=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addPkcs12ClientCertificate/override?apikey=ZAP&filePath=ZAP&index=ZAP&password=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter groupBy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: groupBy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter groupBy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: groupBy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter groupBy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: groupBy=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter matchRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: matchRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter matchRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: matchRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter matchRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: matchRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter matchString
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: matchString=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter matchString
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: matchString=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter matchString
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: matchString=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter requestsPerSecond
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: requestsPerSecond=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter requestsPerSecond
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: requestsPerSecond=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP
Metody GET
Parameter requestsPerSecond
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/addRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&groupBy=ZAP&matchRegex=ZAP&matchString=ZAP&requestsPerSecond=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: requestsPerSecond=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/generateRootCaCert/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: filePath=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP
Metody GET
Parameter filePath
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/importRootCaCert/override?apikey=ZAP&filePath=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: filePath=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeAlias/override?apikey=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeHttpProxyExclusion/override?apikey=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeLocalServer/override?address=688+Zaproxy+Ridge&apikey=ZAP&port=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: authority=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: authority=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removePassThrough/override?apikey=ZAP&authority=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: authority=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/removeRateLimitRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setAliasEnabled/override?apikey=ZAP&enabled=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter timeout
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: timeout=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter timeout
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: timeout=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP
Metody GET
Parameter timeout
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setConnectionTimeout/override?apikey=ZAP&timeout=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: timeout=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter userAgent
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userAgent=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter userAgent
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userAgent=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP
Metody GET
Parameter userAgent
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDefaultUserAgent/override?apikey=ZAP&userAgent=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userAgent=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter ttl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ttl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter ttl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ttl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP
Metody GET
Parameter ttl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setDnsTtlSuccessfulQueries/override?apikey=ZAP&ttl=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ttl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter realm
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: realm=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter realm
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: realm=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter realm
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: realm=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter username
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: username=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter username
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: username=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP
Metody GET
Parameter username
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&realm=ZAP&username=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: username=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyAuthEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setHttpProxyExclusionEnabled/override?apikey=ZAP&enabled=ZAP&host=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: authority=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: authority=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter authority
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: authority=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setPassThroughEnabled/override?apikey=ZAP&authority=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRateLimitRuleEnabled/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter validity
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: validity=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter validity
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: validity=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter validity
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setRootCaCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: validity=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter validity
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: validity=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter validity
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: validity=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP
Metody GET
Parameter validity
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setServerCertValidity/override?apikey=ZAP&validity=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: validity=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: host=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter host
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: host=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: password=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter password
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: password=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: port=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter port
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: port=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter useDns
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: useDns=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter useDns
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: useDns=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter useDns
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: useDns=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter username
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: username=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter username
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: username=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter username
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: username=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter version
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: version=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter version
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: version=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP
Metody GET
Parameter version
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxy/override?apikey=ZAP&host=ZAP&password=ZAP&port=ZAP&useDns=ZAP&username=ZAP&version=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: version=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setSocksProxyEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter use
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: use=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter use
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: use=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP
Metody GET
Parameter use
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseClientCertificate/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: use=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter use
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: use=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter use
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: use=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP
Metody GET
Parameter use
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/action/setUseGlobalHttpState/override?apikey=ZAP&use=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: use=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/proxy.pac/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/other/proxy.pac/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/proxy.pac/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/other/rootCaCert/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/rootCaCert/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/other/rootCaCert/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/rootCaCert/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter proxy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: proxy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP
Metody GET
Parameter proxy
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/other/setProxy/override?apikey=ZAP&proxy=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: proxy=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getAliases/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getConnectionTimeout/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getDefaultUserAgent/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getDnsTtlSuccessfulQueries/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getHttpProxy/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getHttpProxyExclusions/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getLocalServers/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getPassThroughs/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getRateLimitRules/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getRootCaCertValidity/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getServerCertValidity/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/getSocksProxy/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isHttpProxyAuthEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isHttpProxyEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isSocksProxyEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/network/view/isUseGlobalHttpState/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter target
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: target=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter target
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: target=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP
Metody GET
Parameter target
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importFile/override?apikey=ZAP&contextId=ZAP&file=ZAP&target=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: target=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter hostOverride
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: hostOverride=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter hostOverride
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: hostOverride=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter hostOverride
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/openapi/action/importUrl/override?apikey=ZAP&contextId=ZAP&hostOverride=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: hostOverride=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/params/view/params/override?apikey=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter endpointUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: endpointUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter endpointUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: endpointUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter endpointUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: endpointUrl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importFile/override?apikey=ZAP&endpointUrl=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter endpointUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: endpointUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter endpointUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: endpointUrl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter endpointUrl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/postman/action/importUrl/override?apikey=ZAP&endpointUrl=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: endpointUrl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/clearQueue/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableAllScanners/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableAllTags/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/disableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableAllScanners/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableAllTags/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: ids=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP
Metody GET
Parameter ids
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/enableScanners/override?apikey=ZAP&ids=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: ids=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setEnabled/override?apikey=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter maxAlerts
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: maxAlerts=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter maxAlerts
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: maxAlerts=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP
Metody GET
Parameter maxAlerts
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setMaxAlertsPerRule/override?apikey=ZAP&maxAlerts=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: maxAlerts=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter alertThreshold
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: alertThreshold=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: id=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP
Metody GET
Parameter id
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScannerAlertThreshold/override?alertThreshold=ZAP&apikey=ZAP&id=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: id=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter onlyInScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: onlyInScope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter onlyInScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: onlyInScope=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP
Metody GET
Parameter onlyInScope
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/action/setScanOnlyInScope/override?apikey=ZAP&onlyInScope=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: onlyInScope=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/currentRule/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/currentTasks/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/maxAlertsPerRule/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/recordsToScan/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/scanners/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/pscan/view/scanOnlyInScope/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/quickstartlaunch/other/startPage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/quickstartlaunch/other/startPage/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/quickstartlaunch/other/startPage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/quickstartlaunch/other/startPage/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter initiators
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: initiators=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter initiators
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: initiators=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter initiators
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: initiators=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: matchRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: matchRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: matchRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchString
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: matchString=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchString
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: matchString=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchString
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: matchString=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchType
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: matchType=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchType
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: matchType=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter matchType
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: matchType=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter replacement
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: replacement=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter replacement
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: replacement=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter replacement
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/addRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&enabled=ZAP&initiators=ZAP&matchRegex=ZAP&matchString=ZAP&matchType=ZAP&replacement=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: replacement=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/removeRule/override?apikey=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter bool
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [id] attribute The user input found was: bool=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter bool
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [form] tag [name] attribute The user input found was: bool=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.
Metody GET
Parameter bool
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/action/setEnabled/override?apikey=ZAP&bool=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos. appears to include user input in: a(n) [select] tag [id] attribute The user input found was: bool=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/replacer/view/rules/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter contexts
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contexts=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter contexts
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contexts=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter contexts
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contexts=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter display
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: display=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter display
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: display=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter display
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: display=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter includedConfidences
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: includedConfidences=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter includedConfidences
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: includedConfidences=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter includedConfidences
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: includedConfidences=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter includedRisks
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: includedRisks=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter includedRisks
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: includedRisks=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter includedRisks
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: includedRisks=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportDir
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: reportDir=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportDir
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: reportDir=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportDir
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: reportDir=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportFileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: reportFileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportFileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: reportFileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportFileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: reportFileName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportFileNamePattern
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: reportFileNamePattern=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportFileNamePattern
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: reportFileNamePattern=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter reportFileNamePattern
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: reportFileNamePattern=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter sections
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sections=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter sections
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sections=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter sections
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sections=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter sites
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: sites=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter sites
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: sites=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter sites
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: sites=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter template
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: template=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter template
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: template=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter template
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: template=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter theme
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: theme=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter theme
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: theme=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter theme
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: theme=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter title
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: title=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter title
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: title=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP
Metody GET
Parameter title
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/action/generate/override?apikey=ZAP&contexts=ZAP&description=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&display=ZAP&includedConfidences=ZAP&includedRisks=ZAP&reportDir=ZAP&reportFileName=ZAP&reportFileNamePattern=ZAP&sections=ZAP&sites=ZAP&template=ZAP&theme=ZAP&title=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: title=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter template
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: template=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter template
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: template=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP
Metody GET
Parameter template
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templateDetails/override?apikey=ZAP&template=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: template=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reports/view/templates/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter alertIds
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: alertIds=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter alertIds
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: alertIds=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter alertIds
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: alertIds=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/retest/action/retest/override?alertIds=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter reveal
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: reveal=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter reveal
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: reveal=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP
Metody GET
Parameter reveal
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/action/setReveal/override?apikey=ZAP&reveal=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: reveal=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/reveal/view/reveal/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetAllRuleConfigValues/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/resetRuleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/action/setRuleConfigValue/override?apikey=ZAP&key=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/allRuleConfigs/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: key=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP
Metody GET
Parameter key
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/ruleConfig/view/ruleConfigValue/override?apikey=ZAP&key=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: key=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearGlobalVars/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/clearScriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/disable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/enable/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter charset
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: charset=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter charset
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: charset=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter charset
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: charset=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter fileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: fileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter fileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: fileName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter fileName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: fileName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptDescription
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptDescription=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptDescription
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptDescription=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptDescription
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptDescription=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptEngine
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptEngine=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptEngine
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptEngine=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptEngine
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptEngine=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptType
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptType=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptType
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptType=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP
Metody GET
Parameter scriptType
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/load/override?apikey=ZAP&charset=ZAP&fileName=ZAP&scriptDescription=ZAP&scriptEngine=ZAP&scriptName=ZAP&scriptType=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptType=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/remove/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/runStandAloneScript/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setGlobalVar/override?apikey=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varValue=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varValue=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP
Metody GET
Parameter varValue
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/action/setScriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP&varValue=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varValue=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalCustomVars/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVar/override?apikey=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/globalVars/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listEngines/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listScripts/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/listTypes/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptCustomVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: varKey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP
Metody GET
Parameter varKey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVar/override?apikey=ZAP&scriptName=ZAP&varKey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: varKey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP
Metody GET
Parameter scriptName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/script/view/scriptVars/override?apikey=ZAP&scriptName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scriptName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/other/harByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/messagesByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByHeaderRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByRequestRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByResponseRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter baseurl
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: baseurl=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/search/view/urlsByUrlRegex/override?apikey=ZAP&baseurl=ZAP&count=3&regex=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: argument=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: argument=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: argument=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/addBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: argument=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: argument=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: argument=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/removeBrowserArgument/override?apikey=ZAP&argument=ZAP&browser=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: argument=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: argument=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter argument
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: argument=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setBrowserArgumentEnabled/override?apikey=ZAP&argument=ZAP&browser=ZAP&enabled=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionChromeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDefaultProfile/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionFirefoxDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionIeDriverPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionLastDirectory/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/action/setOptionPhantomJsBinaryPath/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: browser=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP
Metody GET
Parameter browser
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/getBrowserArguments/override?apikey=ZAP&browser=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: browser=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionBrowserExtensions/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionChromeBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionChromeDriverPath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxDefaultProfile/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionFirefoxDriverPath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionIeDriverPath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionLastDirectory/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/selenium/view/optionPhantomJsBinaryPath/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter methodConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: methodConfigParams=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter methodConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: methodConfigParams=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter methodConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: methodConfigParams=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter methodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: methodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter methodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: methodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP
Metody GET
Parameter methodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/action/setSessionManagementMethod/override?apikey=ZAP&contextId=ZAP&methodConfigParams=ZAP&methodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: methodName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethod/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter methodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: methodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter methodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: methodName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP
Metody GET
Parameter methodName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSessionManagementMethodConfigParams/override?apikey=ZAP&methodName=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: methodName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/sessionManagement/view/getSupportedSessionManagementMethods/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: file=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP
Metody GET
Parameter file
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importFile/override?apikey=ZAP&file=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: file=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/soap/action/importUrl/override?apikey=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/addDomainAlwaysInScope/override?apikey=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/clearExcludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/disableAllDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/enableAllDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: regex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP
Metody GET
Parameter regex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/excludeFromScan/override?apikey=ZAP&regex=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: regex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isEnabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isEnabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter isRegex
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: isRegex=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/modifyDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP&isEnabled=ZAP&isRegex=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pause/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/pauseAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: idx=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP
Metody GET
Parameter idx
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeDomainAlwaysInScope/override?apikey=ZAP&idx=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: idx=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/removeScan/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resume/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/resumeAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextName=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter contextName
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextName=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter maxChildren
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: maxChildren=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter maxChildren
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: maxChildren=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter maxChildren
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: maxChildren=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [form] tag [name] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scan/override?apikey=ZAP&contextName=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com appears to include user input in: a(n) [select] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter maxChildren
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: maxChildren=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter maxChildren
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: maxChildren=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter maxChildren
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: maxChildren=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: recurse=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter recurse
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: recurse=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter subtreeOnly
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: subtreeOnly=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/scanAsUser/override?apikey=ZAP&contextId=ZAP&maxChildren=ZAP&recurse=ZAP&subtreeOnly=ZAP&url=https%3A%2F%2Fzap.example.com&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionAcceptCookies/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleODataParametersVisited/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionHandleParameters/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxChildren/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDepth/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxDuration/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxParseSizeBytes/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionMaxScansInUI/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseComments/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseDsStore/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseGit/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseRobotsTxt/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSitemapXml/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionParseSVNEntries/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionPostForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionProcessForm/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionRequestWaitTime/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSendRefererHeader/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionShowAdvancedDialog/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionSkipURLString/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionThreadCount/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/setOptionUserAgent/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stop/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/action/stopAllScans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/addedNodes/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/allUrls/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/domainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/excludedFromScan/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/fullResults/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionAcceptCookies/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScope/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionDomainsAlwaysInScopeEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionHandleODataParametersVisited/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionHandleParameters/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxChildren/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxDepth/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxDuration/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxParseSizeBytes/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionMaxScansInUI/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseComments/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseDsStore/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseGit/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseRobotsTxt/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseSitemapXml/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionParseSVNEntries/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionPostForm/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionProcessForm/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionRequestWaitTime/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionSendRefererHeader/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionShowAdvancedDialog/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionSkipURLString/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionThreadCount/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/optionUserAgent/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/results/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/scans/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: scanId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP
Metody GET
Parameter scanId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/spider/view/status/override?apikey=ZAP&scanId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: scanId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/clearStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP
Metody GET
Parameter Boolean
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionInMemoryEnabled/override?Boolean=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Boolean=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdHost/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: Integer=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP
Metody GET
Parameter Integer
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPort/override?Integer=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: Integer=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: String=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP
Metody GET
Parameter String
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/action/setOptionStatsdPrefix/override?String=ZAP&apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: String=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/allSitesStats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionInMemoryEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdEnabled/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdHost/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdPort/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/optionStatsdPrefix/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: site=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP
Metody GET
Parameter site
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/siteStats/override?apikey=ZAP&keyPrefix=ZAP&site=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: site=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP
Metody GET
Parameter keyPrefix
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/stats/view/stats/override?apikey=ZAP&keyPrefix=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: keyPrefix=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/authenticateAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/newUser/override?apikey=ZAP&contextId=ZAP&name=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/pollAsUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/removeUser/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter authCredentialsConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: authCredentialsConfigParams=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter authCredentialsConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: authCredentialsConfigParams=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter authCredentialsConfigParams
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: authCredentialsConfigParams=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationCredentials/override?apikey=ZAP&authCredentialsConfigParams=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter lastPollResult
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: lastPollResult=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter lastPollResult
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: lastPollResult=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter lastPollResult
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: lastPollResult=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter lastPollTimeInMs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: lastPollTimeInMs=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter lastPollTimeInMs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: lastPollTimeInMs=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter lastPollTimeInMs
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: lastPollTimeInMs=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter requestsSinceLastPoll
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: requestsSinceLastPoll=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter requestsSinceLastPoll
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: requestsSinceLastPoll=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter requestsSinceLastPoll
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: requestsSinceLastPoll=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setAuthenticationState/override?apikey=ZAP&contextId=ZAP&lastPollResult=ZAP&lastPollTimeInMs=ZAP&requestsSinceLastPoll=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter domain
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: domain=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter domain
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: domain=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter domain
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: domain=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter path
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: path=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter path
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: path=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter path
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: path=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter secure
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: secure=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter secure
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: secure=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter secure
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: secure=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: value=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP
Metody GET
Parameter value
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setCookie/override?apikey=ZAP&contextId=ZAP&domain=ZAP&name=ZAP&path=ZAP&secure=ZAP&userId=ZAP&value=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: value=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: enabled=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter enabled
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: enabled=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserEnabled/override?apikey=ZAP&contextId=ZAP&enabled=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: name=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter name
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: name=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/action/setUserName/override?apikey=ZAP&contextId=ZAP&name=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentials/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationCredentialsConfigParams/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationSession/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getAuthenticationState/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: userId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP
Metody GET
Parameter userId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/getUserById/override?apikey=ZAP&contextId=ZAP&userId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: userId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: contextId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP
Metody GET
Parameter contextId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/users/view/usersList/override?apikey=ZAP&contextId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: contextId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: channelId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: channelId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: channelId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter outgoing
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: outgoing=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter outgoing
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: outgoing=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter outgoing
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/sendTextMessage/override?apikey=ZAP&channelId=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: outgoing=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter outgoing
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: outgoing=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter outgoing
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: outgoing=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP
Metody GET
Parameter outgoing
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/action/setBreakTextMessage/override?apikey=ZAP&message=Zaproxy+alias+impedit+expedita+quisquam+pariatur+exercitationem.+Nemo+rerum+eveniet+dolores+rem+quia+dignissimos.&outgoing=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: outgoing=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/breakTextMessage/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/channels/override?apikey=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: channelId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: channelId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: channelId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter messageId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: messageId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter messageId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: messageId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP
Metody GET
Parameter messageId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/message/override?apikey=ZAP&channelId=ZAP&messageId=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: messageId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: apikey=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter apikey
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: apikey=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: channelId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: channelId=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter channelId
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: channelId=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter payloadPreviewLength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: payloadPreviewLength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter payloadPreviewLength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: payloadPreviewLength=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter payloadPreviewLength
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: payloadPreviewLength=ZAP The user-controlled value was: zapapiformat
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [form] tag [name] attribute The user input found was: start=ZAP The user-controlled value was: zapform
URL http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP
Metody GET
Parameter start
Atak
Evidence
Other Info User-controlled HTML attribute values were found. Try injecting special characters to see if XSS might be possible. The page at the following URL: http://localhost:3000/UI/websocket/view/messages/override?apikey=ZAP&channelId=ZAP&count=3&payloadPreviewLength=ZAP&start=ZAP appears to include user input in: a(n) [select] tag [id] attribute The user input found was: start=ZAP The user-controlled value was: zapapiformat
Instances 4134
Solution
Validate all input and sanitize output it before writing to any HTML attributes.
Reference http://websecuritytool.codeplex.com/wikipage?title=Checks#user-controlled-html-attribute
CWE Id 20
WASC Id 20
Plugin Id 10031